Malware.AI.4061319793 removal

Malware.AI.4061319793 is considered dangerous by many security experts. While this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows a complete scan and cleanup of your PC.
A 6-day free trial is available.

What can the Malware.AI.4061319793 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup
  • Likely virus infection of existing system binary
  • Creates Zeus (Banking Trojan) mutexes

How to identify Malware.AI.4061319793?

File Info:

name: A8A0FD3E8FFA27356F6A.mlw
path: /opt/CAPEv2/storage/binaries/44926996043c85767cee34fcf17430f8e087ee3e5551bfddcf896f15d23d7058
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2007-01-27 18:05:49

Version Info:

0: [No Data]

Malware.AI.4061319793 also known as:

  • Bkav: W32.AIDetect.malware2
  • Lionic: Trojan.Win32.Zbot.l!c
  • Elastic: malicious (high confidence)
  • DrWeb: Trojan.DownLoad3.8381
  • MicroWorld-eScan: Trojan.Spy.ZBot.ES
  • FireEye: Generic.mg.a8a0fd3e8ffa2735
  • McAfee: RDN/Generic PWS.y
  • Cylance: Unsafe
  • Zillya: Trojan.Agent.Win32.713344
  • Sangfor: Suspicious.Win32.Save.a
  • K7AntiVirus: Trojan ( 004bcce41 )
  • Alibaba: TrojanSpy:Win32/DwnLdr.f798df01
  • K7GW: Trojan ( 004bcce41 )
  • Cybereason: malicious.e8ffa2
  • BitDefenderTheta: AI:Packer.712429D41B
  • Cyren: W32/Injector.A.gen!Eldorado
  • Symantec: Trojan.Zbot
  • ESET-NOD32: Win32/TrojanDownloader.Agent.NKG
  • TrendMicro-HouseCall: Mal_Scram
  • Paloalto: generic.ml
  • ClamAV: Win.Trojan.Gpcode-3
  • Kaspersky: Trojan-Spy.Win32.Zbot.aeg
  • BitDefender: Trojan.Spy.ZBot.ES
  • NANO-Antivirus: Trojan.Win32.Zbot.bcaxyp
  • Tencent: Win32.Trojan-downloader.Agent.Lohk
  • Ad-Aware: Trojan.Spy.ZBot.ES
  • Emsisoft: Trojan.Spy.ZBot.ES (B)
  • Comodo: TrojWare.Win32.Spy.Zbot.ACA@1rkc1t
  • TrendMicro: Mal_Scram
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.jc
  • Sophos: Mal/Generic-R + Troj/DwnLdr-HWE
  • Ikarus: Trojan-Spy.Win32.Zbot
  • Jiangmin: TrojanDownloader.Small.ageg
  • Avira: TR/Dropper.Gen
  • Antiy-AVL: Trojan/Generic.ASMalwS.10F27D
  • Microsoft: PWS:Win32/Zbot.gen!U
  • ViRobot: Trojan.Win32.A.Zbot.32768.H
  • ZoneAlarm: Trojan-Spy.Win32.Zbot.aeg
  • GData: Trojan.Spy.ZBot.ES
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Trojan/Win32.Xema.C44973
  • Acronis: suspicious
  • VBA32: Trojan.Inject.01376
  • ALYac: Trojan.Spy.ZBot.ES
  • MAX: malware (ai score=87)
  • Malwarebytes: Malware.AI.4061319793
  • Panda: Trj/Genetic.gen
  • APEX: Malicious
  • Rising: Spyware.Agent!8.C6 (CLOUD)
  • Yandex: TrojanSpy.Zbot!MfVDDeoCoFc
  • SentinelOne: Static AI – Malicious PE
  • Fortinet: W32/Zbot.PZ!tr.spy
  • AVG: Win32:Zbot-UAI [Trj]
  • Avast: Win32:Zbot-UAI [Trj]
  • CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.4061319793?

Malware.AI.4061319793 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.